What to include in a SLA?

What should a SLA include?

A well designed service level agreement helps to reduce third-party related risks. First of all you should understand the business requirements and risks associated with the service before you start to document a service level agreement. Otherwise the control will shift to the third-party organization. Take your time and resources to ensure you understand the service, the related workflows associated with service, governance and management requirements, roles & responsibilities; business, IT and security requirements.

As an example, below are topics you should consider when documenting service support clauses: 

  • Does the support  cover  end-user support or  2nd level support where the customer takes the responsibility for end-user support (1st level support)?
  • Does the support  cover supplier escalations (for example for hardware repair ) including tracking the whole lifecycle of incidents escalated to suppliers?
  • How will the incidents and service requests be reported by the customer (users)? (telephone, e-mail, logging into a tool etc.)
  • What are the targets for incident response and resolution time based on priority ? 
  • What are the definitions of incident priority levels?
  • What is the definition of incident response, when does it start and end
  • What are the targets for  reopened incidents? The customer should have the right to reopen the incident when the applied resolution can’t be verified. Target for reopening might be monthly %5.
  • Is there a  service request  catalogue where all requests associated to  the service are listed?
  • Do the service requests have attributes like costs, approvals,  service levels for fulfilment, eligible contacts to submit requests?
  • What is the definition of a major incident? How will it managed and reported by the service provider? (For example it is normally expected that the service provider reports the downtime caused by the major incident including identified root cause and planed actions to prevent the reoccurrence)

For instance, a typical statement for a service level breach might be: 98 percent or a higher number of incidents should comply with the agreed service level; otherwise, a service breach is reported.

 

Here is a complete Service Level Agreement renewal and negotiation checklist .

Back to blog

Leave a comment

Please note, comments need to be approved before they are published.